Jump to content

Recommended Posts

Can I saw how frustrating it is that you can't see the whole row in the threat scan results. And when you export it, its still not the same as what it shows in that table. This is the text export of the results, identified as Malware.AI.4231592388. Apparently the uninstall script for Notepad++ is malware?

------------------------------------------------------

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 7/5/20
Scan Time: 2:52 AM
Log File: 0cf526f0-be8c-11ea-963e-08626682a4b1.json

-Software Information-
Version: 4.1.2.73
Components Version: 1.0.972
Update Package Version: 1.0.26433
License: Premium

-System Information-
OS: Windows 10 (Build 18362.900)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 400118
Threats Detected: 2
Threats Quarantined: 0
Time Elapsed: 4 min, 51 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 1
Malware.AI.4231592388, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Notepad++, No Action By User, 1000000, 0, , , ,

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Malware.AI.4231592388, C:\PROGRAM FILES\NOTEPAD++\UNINSTALL.EXE, No Action By User, 1000000, 0, 1.0.26433, 22A359B065A2BC9DFC38F9C4, dds, 00793776

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

I have the same scan result this morning.  I have attached my copy of the detected file.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 7/5/20
Scan Time: 2:34 AM
Log File: 8e7f370e-be89-11ea-a4fe-14feb5dddbc0.json

-Software Information-
Version: 4.1.0.56
Components Version: 1.0.972
Update Package Version: 1.0.26433
License: Premium

-System Information-
OS: Windows 10 (Build 18362.900)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 346444
Threats Detected: 2
Threats Quarantined: 0
Time Elapsed: 10 min, 31 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 1
Malware.AI.4231592388, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Notepad++, No Action By User, 1000000, 0, , , , 

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Malware.AI.4231592388, C:\PROGRAM FILES\NOTEPAD++\UNINSTALL.EXE, No Action By User, 1000000, 0, 1.0.26433, 22A359B065A2BC9DFC38F9C4, dds, 00793776

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

notepad++_uninstall.zip

Link to post
Share on other sites

  • 5 months later...

This seems to have come back, this time with Malware.AI.4024523508

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 12/20/20
Scan Time: 11:50 AM
Log File: 7b8b4ec4-42e3-11eb-9970-a4bb6dcf234a.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1130
Update Package Version: 1.0.34545
License: Premium

-System Information-
OS: Windows 10 (Build 19041.685)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 388881
Threats Detected: 2
Threats Quarantined: 0
Time Elapsed: 4 min, 7 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 1
Malware.AI.4024523508, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Notepad++, No Action By User, 1000000, 0, , , , , , 

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Malware.AI.4024523508, C:\PROGRAM FILES (X86)\NOTEPAD++\UNINSTALL.EXE, No Action By User, 1000000, 0, 1.0.34545, BB569EB76C7FE0D4EFE15AF4, dds, 01036301, B356B115AE2955EA7197803D203DFB4A, 08EDD85739F09DAA530FBA6BFC82742FB283D725FBEE3A0F0260AEF4BF6C75BD

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

  • 1 month later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.